A computer network typically includes a collection of interconnected computing devices that exchange data and share resources. The devices may include, for example, web servers, database servers, file servers, routers, printers, end-user computers and other devices. The variety of devices may execute a myriad of different services and communication protocols. Each of the different services and communication protocols exposes the network to different security vulnerabilities.
Due to increasing reliance on network-accessible computers, network security has become a major issue for organizations and individuals. To help ensure security of their computers, organizations and individuals may install security devices between public networks and their private networks. Such security devices may prevent unwanted or malicious information from the public network from affecting devices in the private network.
These security devices are commonly referred to as firewall device. Typically, the firewall is a dedicated device that is configured to control access to the private network by permitting or denying traffic flows based on an organization's security policies. Typical high-end firewalls provide packet forwarding by dynamically load-balancing packet flows to a set of service cards. These service cards provide flow-based security services, such as flow blocking, network address translation (NAT), anti-virus (AV) scanning and detection, intrusion detection prevention (IDP) and/or any other security services. The firewall device typically intercepts packets entering and leaving the private network, and processes the packets with the service cards and applies an administrator configured policy to determine whether to permit or deny the packet based on information included within each packet that may define a state of a flow associated with the packet.